Security Bulletin: Vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect Server (CVE-2021-35550, CVE-2021-35603)

Summary Vulnerabilities in IBM® Runtime Environment Java™ were disclosed as part of the IBM Java SDK updates in October 2021. IBM® Runtime Environment Java™ is used by IBM Spectrum Protect Server and may be affected by the below vulnerabilities CVEs. Vulnerability Details CVEID: CVE-2021-35603...

Security Bulletin: IBM Sterling Connect:Direct for UNIX is vulnerable to unauthorized sensitive information access due to IBM Java (CVE-2021-35603)

Summary IBM Java is used by IBM Sterling Connect:Direct for UNIX on AIX, Linux, and Solaris platforms in product configuration, management, and data transmission. IBM Sterling Connect:Direct for UNIX on AIX, Linux, and Solaris platforms is impacted by an unauthorized sensitive information access...

Security Bulletin: IBM Sterling Connect:Direct for UNIX is vulnerable to unauthorized data access due to IBM Java (CVE-2021-35550)

Summary IBM Java is used by IBM Sterling Connect:Direct for UNIX on AIX, Linux, and Solaris platforms in product configuration, management, and data transmission. IBM Sterling Connect:Direct for UNIX on AIX, Linux, and Solaris platforms is impacted by an unauthorized data access issue in IBM Java...

Security Bulletin: Vulnerability in IBM Java SDK and IBM Java Runtime affects Rational Business Developer

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 7 and 8 and IBM® Runtime Environment Java™ Version 7 and 8 used by Rational Business Developer. Rational Business Developer has provided a fix for the applicable CVE. This issue was disclosed as part of the IBM Java SD...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Business Developer

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 and 8 and IBM® Runtime Environment Java™ Version 7 and 8 used by Rational Business Developer. Rational Business Developer has provided fixes for the applicable CVEs. These issues were disclosed as part of t...

Security Bulletin: Vulnerability in IBM Java SDK and IBM Java Runtime affects Rational Business Developer

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 7 and 8 and IBM® Runtime Environment Java™ Version 7 and 8 used by Rational Business Developer. Rational Business Developer has provided a fix for the applicable CVE. This issue was disclosed as part of the IBM Java SD...

Security Bulletin: June 2022 : Multiple vulnerabilities in IBM Java Runtime affect CICS Transaction Gateway

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 7.0, 7.1 and 8.0 used by CICS Transaction Gateway. CICS Transaction Gateway has addressed a CVE that could allow an unauthenticated attacker to cause a denial of service and two CVEs that could allow an...

Security Bulletin: A vulnerability (CVE-2022-21299) in IBM Java Runtime affects CICS Transaction Gateway

Summary IBM® Runtime Environment Java™ Versions 7.0, 7.1 and 8.0 is used by CICS Transaction Gateway. The fix removes vulnerability CVE-2022-21299 that could allow an unauthenticated attacker to cause a denial of service. Vulnerability Details CVEID: CVE-2022-21299 DESCRIPTION: An unspecified...

Security Bulletin: A vulnerability (CVE-2021-35603) in IBM Java Runtime affects CICS Transaction Gateway

Summary IBM® Runtime Environment Java™ Versions 7.0, 7.1 and 8.0 is used by CICS Transaction Gateway. The fix removes vulnerability CVE-2021-35603 that can allow an unauthenticated attacker to obtain sensitive information. Vulnerability Details CVEID: CVE-2021-35603 DESCRIPTION: An unspecified...

Security Bulletin: A vulnerability (CVE-2021-35561) in IBM Java Runtime affects CICS Transaction Gateway

Summary IBM® Runtime Environment Java™ Versions 7.0, 7.1 and 8.0 is used by CICS Transaction Gateway. The fix removes vulnerability CVE-2021-35561 that can allow an unauthenticated attacker to cause a denial of service. Vulnerability Details CVEID: CVE-2021-35561 DESCRIPTION: An unspecified...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM WebSphere Application Server January 2022 CPU that is bundled with IBM WebSphere Application Server Patterns

Summary IBM WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. There are multiple vulnerabilities in the IBM SDK Java Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed in the IBM Java SDK updates...

Security Bulletin: IBM Sterling Connect:Direct FTP+ is vulnerable to unauthorized sensitive information access due to IBM Java vulnerability (CVE-2021-35603)

Summary IBM Java is used by IBM Sterling Connect:Direct FTP+ on AIX, Linux, Solaris, and Windows platforms in product configuration and data transmission. IBM Sterling Connect:Direct FTP+ on AIX, Linux, Solaris, and Windows platforms is impacted by an unauthorized sensitive information access iss...

Security Bulletin: IBM Sterling Connect:Direct FTP+ is vulnerable to unauthorized data access due to IBM Java (CVE-2021-35550)

Summary IBM Java is used by IBM Sterling Connect:Direct FTP+ on AIX, Linux, Solaris, and Windows platforms in product configuration and data transmission. IBM Sterling Connect:Direct FTP+ on AIX, Linux, Solaris, and Windows platforms is impacted by an unauthorized data access issue in IBM Java...

Security Bulletin: A vulnerability (CVE-2021-35550) in IBM Java Runtime affects CICS Transaction Gateway

Summary IBM® Runtime Environment Java™ Versions 7.0, 7.1 and 8.0 is used by CICS Transaction Gateway. The fix removes vulnerability CVE-2021-35550 that can allow an unauthenticated attacker to obtain sensitive information. Vulnerability Details CVEID: CVE-2021-35550 DESCRIPTION: An unspecified...

Security Bulletin: June 2022 :Multiple vulnerabilities in IBM Java Runtime affect CICS Transaction Gateway

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 7.0, 7.1 and 8.0 used by CICS Transaction Gateway. CICS Transaction Gateway has addressed seven CVEs that can allow denial of service and three CVEs that can allow no confidentiallty impact. Vulnerability Detail...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect z/Transaction Processing Facility

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 that is used by the z/TPF system. z/TPF has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-35550 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms (CVE-2021-35603)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 8 used by 4.1.0.4 to 4.1.0.7 of IBM Tivoli System Automation for Multiplatforms. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions...

Multiple vulnerabilities in IBM Java SDK affect AIX

IBM SECURITY ADVISORY First Issued: Tue Jun 14 14:37:05 CDT 2022 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/javajun2022advisory.asc https://aix.software.ibm.com/aix/efixes/security/javajun2022advisory.asc...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation Application Manager Oct 2021 CPU (CVE-2021-35550)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition used by IBM Tivoli System Automation Application Manager. These issues were disclosed as part of the IBM Java SDK updates in Oct 2021. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixe...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms Jan 2022 CPU (CVE-2022-21248, CVE-2022-21293, CVE-2022-21294, CVE-2022-21341)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 8 used by 4.1.0.4 to 4.1.0.7 of IBM Tivoli System Automation for Multiplatforms. These issues were disclosed as part of the IBM Java SDK updates in Jan 2022. Vulnerability Details Refer to the security bulletin...